Information Security – Hacker Motivation

Reports indicate that Deputy President (DP) William Ruto’s twitter account has been compromised. This comes hardly two days after twitter accounts of the Kenya Defense Force (KDF) and that of its spokesman, Major Emmanuel Chirchir we compromised.

It appears that it is the same group of hackers involved in both cases and clearly targeting the government. Indeed, using the DP’s twitter handle, the hackers posted a series of government sites that they had hacked. While we may not know the extent of damage inflicted, the embarrassment factor is big enough to require immediate and urgent action on the part of government.

In social media, some people have expressed glee that these unlawful acts and are happy that the Jubilee government is being subjected to shame. As a “digital government”, some said, Jubilee should be better prepared to deal with such risks, adding that the government’s rhetoric doesn’t match reality.

Whatever anyone thinks, all of us Kenyans should feel bad that such high-level exposure is happening to key national offices in the country. This is especially so when the country faces the monumental task in securing the country. The least we should do as citizens (whether allied to the government or opposition) is empathize and hope that the government would put in rapid measures to restore normalcy and trust that it can forestall further cyber challenges of the kind we have seen.

If there is anything to learn from these incidents it is that time is nigh for rapid implementation of information protection measures! Information security needs to be prioritized as a matter of urgency. It is important that we prioritize attention in this area so as to forestall similar (and perhaps worse) happenings.

Let’s remember that these hackers are not going away. We must expect that there will be continuous attempts at breaking into systems (be they government or private sector) by the large mass of hackers out there. Some would be copycat attacks while others would be fresh exploration of weaknesses of our systems accessible over the Internet.

The hacker menace (whether internal or external to an organization) is real and is here to stay. The best we can do is be prepared to prevent, detect and respond to (deal with) the threat when it materializes. Indeed, the realistic course is make it as hard as one possibly make it for hackers to break into systems.

There is more. There is no absolute security regardless of the amount of resources dedicated to system protection. A well-motivated hacker with an infinite resources (e.g. time and money) will break into a system however secure the system is deemed.

We will be discussing protection techniques in the future. Before that, however, we need to understand what motivates hackers and why they continue to be a menace.

Hacking has been around as long as computers existed. The menace has grown with the proliferation of the Internet and the Internet’s pervasive use. As the Internet reach grows, so also does the hacker threat. This is especially so given ease with which hackers, located in disparate locations, can collaborate and share attack techniques.

Hackers are people who usually intrude into computer systems and manipulate these systems for their own ends. They are motivated by different interests, including the following:

Thrill for personal satisfaction

These are people who hack for the sake of hacking. They derive satisfaction from breaking into systems, for the fun the challenge the challenge presents and are motivated by anything other than the prize: breaking into systems. Some would then later brag about their escapades to their underground “communities” and in the process gain “respect” among their peers.

One can imagine the hackers in the recent Kenyan hacks bragging about how they embarrassed our forces and the Deputy President of the nation! Quite, some “respect” it would earn these intruders.

“Service to the Community”

These break into systems believing that exposing flaws in the systems is good for the community. Clearly they enjoy their thrill but also understand that once a flaw has been exposed, the people concerned will fix it and thus leave society better off. There was once a story of a kid who broke into a bank, created an accounted and planted a malicious program that, on a nightly basis deducted small amounts of money from all the accounts and deposited the amounts in an account he created. Later, it is said, he presented the evidence to the bank management. And he hadn’t withdrawn a cent from the large amount of money he had accumulated.

Now suppose that the hackers in the Kenyan cases intended “service to community”, they would rest easy that the government has woken up to the reality of exposure they face.

Motivated by Malice

Despite the above, my reading is that the people that hacked KDF and DP’s accounts were driven by malice. Even if they many not have gained access to sensitive KDF and DP information, the embarrassment in government ranks and across the country is palpable. As a result, some may question KDF’s ability to protect us when they cannot protect, as simple a thing as a twitter account. For the DP, the question I have had posed is: how could such a BIG office (with all the resources at its disposal) be so sloppy in the management of the DP’s communication channels.

Malicious hackers usually do a number of things once they enter a computer.

They may steal and (possibly) disclose sensitive information to unauthorized parties. For example, suppose such hackers gained access to the KDF’s battle strategy and plans. This would be treasure in the hands of an enemy.

Now suppose that they proceeded to modify the plans and which plans are then transmitted to the battle field. The consequences could be dire and those in the field could be acting on modified information. Indeed, suppose the hacker had ability to interfere with the timely and accurate transmission of such information! They would clearly hamper execution of battle plans to the detriment of KDF!

The term Information Warfare is becoming common place. This is where the theatre of war extends to cyberspace. Here hackers (working for parties in combat) target enemy targets in order to gain advantage in the field. A few years ago, Iranian nuclear facilities were infected by the stuxnet virus that paralyzed its nuclear centrifuges, clearly hampering the development of its nuclear program!

In the commercial arena the world is becoming more and more competitive. Whoever stays ahead in terms of research and development, and translating the information to products and services could stay ahead economically. Now suppose the malicious hacker gets hold of such intellectual property!

Industrial espionage is a reality today, whether by foreign or local parties.

In a recent case, systems of a large retail chain in North America (Target) were compromised. The hackers gained access to the company’s customer base, including credit card information. Such information could be used for malicious purposes including credit card fraud. While the impact on the retail chain hasn’t been quantified, clearly it suffered substantial brand image and (perhaps) to the advantage of its competitors.

Final words: pervasive technology use requires clear understanding of information protection needs. These include developing strategies, policies, deployment and operation needs to assure systems protection. Of necessity these needs would encompass aspects of people, processes and technology.

Dr Matunda Nyanchama is a Director and Managing Consultant at Agano Consulting Inc., an ICT services firm with offices in Canada and Kenya. He can be reached at This email address is being protected from spambots. You need JavaScript enabled to view it..